SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

OVAL

SUSE-SU-2024:0548-1 -- SLES webkit2gtk3, WebKitGTK-4.0-lang, WebKitGTK-6.0-lang, WebKitGTK-4.1-lang, libwebkit2gtk-4_0-37, webkit2gtk-4_1-injected-bundles, typelib-1_0-JavaScriptCore-4_1, webkit2gtk-4_0-injected-bundles, typelib-1_0-JavaScriptCore-4_0, webkit2gtk4-debugsource, libwebkit2gtk-4_1-0, libjavascriptcoregtk-4_0-18, typelib-1_0-WebKit2-4_1, typelib-1_0-WebKit2WebExtension-4_1, libwebkitgtk-6_0-4, libjavascriptcoregtk-4_1-0, libjavascriptcoregtk-6_0-1, webkitgtk-6_0-injected-bundles, typelib-1_0-WebKit2WebExtension-4_0, typelib-1_0-WebKit2-4_0

ID: oval:org.secpod.oval:def:89051500	Date: (C)2024-04-26 (M)2024-04-26
Class: PATCH	Family: unix

This update for webkit2gtk3 fixes the following issues: Update to version 2.42.5 : * CVE-2024-23222: Fixed processing maliciously crafted web content that may have led to arbitrary code execution . * CVE-2024-23206: Fixed fingerprint user via maliciously crafted webpages . * CVE-2024-23213: Fixed processing web content that may have led to arbitrary code execution . * CVE-2023-40414: Fixed processing web content that may have led to arbitrary code execution . * CVE-2014-1745: Fixed denial-of-service or potentially disclose memory contents while processing maliciously crafted files . * CVE-2023-42833: Fixed processing web content that may have led to arbitrary code execution .

Platform:

SUSE Linux Enterprise Desktop 15 SP4

SUSE Linux Enterprise Desktop 15 SP5

SUSE Linux Enterprise Server 15 SP4

SUSE Linux Enterprise Server 15 SP5

Product:

webkit2gtk3

WebKitGTK-4.0-lang

WebKitGTK-6.0-lang

WebKitGTK-4.1-lang

libwebkit2gtk-4_0-37

webkit2gtk-4_1-injected-bundles